[USN-74-1] Postfix vulnerability
Martin Schmitt
mas at scsy.de
Fri Feb 4 12:41:40 UTC 2005
Martin Pitt wrote:
> ===========================================================
> Ubuntu Security Notice USN-74-1 February 04, 2005
> postfix vulnerability
> http://bugs.debian.org/267837
> ===========================================================
>
> A security issue affects the following Ubuntu releases:
>
> Ubuntu 4.10 (Warty Warthog)
>
> The following packages are affected:
>
> postfix
>
> The problem can be corrected by upgrading the affected package to
> version 2.1.3-1ubuntu17.1. In general, a standard system upgrade is
> sufficient to effect the necessary changes.
>
> Details follow:
>
> Jean-Samuel Reynaud noticed a programming error in the IPv6 handling
> code of Postfix when /proc/net/if_inet6 is not available (which is the
> case in Ubuntu since Postfix runs in a chroot). If "permit_mx_backup"
> was enabled in the "smtpd_recipient_restrictions", Postfix turned into
> an open relay, i. e. erroneously permitted the delivery of arbitrary
> mail to any MX host which has an IPv6 address.
This really should have mentioned that the Ubuntu Postfix package has
been enhanced with a 3rd party IPv6 patch. The stable Postfix versions
up to now do not support IPv6 at all.
-martin
--
+-------------------------+------------------------+
| Martin Schmitt | Schmitt Systemberatung |
| http://www.scsy.de/~mas | http://www.scsy.de |
+-------------------------+------------------------+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20050204/e2d5d201/attachment.sig>
More information about the ubuntu-users
mailing list